In about 12 days ShapeShift.io will announce details of their new system “built entirely on smart-contracts.” I don’t want to jump to conclusions here but if this is what I think it is – this could be the start of a very, very significant trend towards the big players in cryptocurrency exchange providing their customers with a much higher level of security.

For anyone who has been following these technologies you’ll notice that there hasn’t been any major companies trying to tackle “decentralized exchange.” I know of only a few companies who have tried to do this since 2013 and none of them managed to raise more than a few hundred K.

There are a few different reasons for this but what I think it comes down to is cost: it is far cheaper and easier to build a regular exchange and market it as a high security exchange then it is to do the opposite. So with ShapeShift’s Prism - I think it could only go in a few different directions.

If you think about it: all of the current p2p exchanges require software programs to be downloaded so they aren’t very user-friendly (and aren’t very ShapeShift-like.) Installs provide the highest security but I think if you want people to use your exchange you’re going to need a different approach.

What I think Prism will be

What I am speculating that ShapeShift have done with Prism is the blockchain.info equivalent of decentralized exchange. They will be using a completely in-browser crypto setup to sign all transactions and form contracts directly between users over encrypted channels.

The platform itself will provide little more than a trade engine, API, and basic developer libraries to form various contracts - meaning that from a security perspective - there is almost nothing to hack.

Of course, the user experience for this will all be web-based - though developers will still be able to write their own applications and use the Prism exchange platform to do the matching (with the initial liquidity provided by ShapeShift via a network of bots who understand “smart contracts.”)

I don’t know what kinds of smart contracts they will support… But based on my prior work - my conclusion is that for complete compatibility with older-style crypto-assets it is best to use micro-payment channels and keep hash-locked contracts for newer-style assets.

So in practice this means creating a highly modular approach to doing contracts because a lot of crypto-assets have completely different technology stacks anyway, so a lot of custom code to do the same thing will still need to be written if you want everything to work together.

A new token system too?

There is one final clue as to what contracts they might support. If you look at actual exchange smart contracts you’ll notice that they still all require that the user stays online to trade (not what most people would expect.) I think the solution to this problem is to introduce a new token that can be used to enforce orders on other people’s behalf.

Imagine a person wanted to trade Litecoins for Dogecoins. They would find a person holding this special token who had enough value left over in that token to match their value in Litecoins.

They would then create a special transaction stating their intention to do a trade (along with the future deposit details) and get the token holder to sign and publish this transaction. Now they can send coins to the token-holder and if the token-holder doesn’t go through with a trade on their behalf by a set period the user is awarded their tokens instead.

I think this approach has some huge advantages. First, it would mean that all coins were still traded directly with regular smart contracts so users wouldn’t have to hold some peculiar proxy token. Second, it would mean that offline matching was still possible while opening up the potential to bridge blockchains directly within the token system. And third, it creates a new incentivized asset that does something useful (rare for crapcoins.)

Note: BlockNet and Cosmos already do something similar so you might not need a new token to do this.

It’s interesting to imagine what would happen if this token were also a stable coin pegged to the US Dollar. ShapeShift could potentially kill two birds with one stone by accepting USD-based deposits and awarding stable coins with some proof-of-solvency protocol, and doing this would open up the potential to trade Stable Coins with atomic contracts in the future.

So bringing it all together

Option 1 - Keep your browser open to trade

Browser: The exchange and the user sign another TX splitting up all their coins into multiple outputs, again going towards multi-sigs for user + exchange.

Browser: The user places an order.

Backend: A dynamic matching engine pairs up users.

Browser: The software approves signing to move funds into the smart contracts based on who accepted.

Browser: The software releases any hash secrets / signs their part of the transaction flow when it is time (atomic swaps or micro-payment channels.)

Browser: The trade is complete, 100% in browser using trustless smart contracts.

The trade might not always be matched fully based on step 3 and 4 but large orders can always be split up so that if anyone doesn’t complete the full protocol users funds won’t be tied up. This could also be tied into an incentive – break the protocol and pay some penalty.

Option 2 - Let someone else keep their browser open

Browser: Ask a token-holder to sign a special meta-token transaction to indicate your intention to trade an asset pair.

Wallet: Send your coins to the agreed upon address.

Token: The token holder does the smart contracts on your behalf or he loses his tokens (his token’s consensus system checks the progress of the coins on both different blockchains.)

Browser: This is still 100% trustless without keeping your browser open.

This option is cool. There are many ways to use meta-tokens and collateral in exchange protocols but forcing the user to go through all that complexity is still crappy. In this case, since the person who has to hold the meta-tokens isn’t the user that problem is avoided.

I guess lets see what happens in 12 days. This new platform might have nothing to do with asset exchange. It could be a client-side Lightning, or it might only be for ERC20-style tokens… In any case, if I’m right about this ShapeShift are now the quiet new leaders in crypto-exchange security.